imroza
Posts: 21
|
| Posted: 11/23/2011, 4:57 PM |
|
I have a simple problem i must insert a php script in a Mysql Table.
When i insert this in my DB
$code="$pippo";
$SQL="INSERT into table (nID,Code) values(1, '".$code."')";
$db = new clsDBInternetDB();
$db->query($SQL);
The value in field Code is null
Please help me!!
|
 |
 |
cleyan
Posts: 136
|
| Posted: 11/23/2011, 8:28 PM |
|
what is the value of $pippo? I think is empty
maybe you want to write:
$code="pippo";
$SQL="INSERT into table (nID,Code) values(1, '".$code."')";
$db = new clsDBInternetDB();
$db->query($SQL);
OR
$code=CCToSQL("pippo", ccsText);
$SQL="INSERT into table (nID,Code) values(1, $code)";
$db = new clsDBInternetDB();
$db->query($SQL);
Regards
Carlos
_________________
**************************************************
Carlos Leyan B.
Temuco, Chile
www.leytec.net |
|
|
|
imroza
Posts: 21
|
| Posted: 11/23/2011, 10:50 PM |
|
Thanks cleyan for reply.
The value is a code like this
$code="
include('../phpgraph/phpgraphlib.php');
$graph = new PHPGraphLib(500,350);
$data = array(12124, 5535, 43373, 22223, 90432, 23332, 15544, 24523,
32778, 38878, 28787, 33243, 34832, 32302);
$graph->addData($data);
$graph->setTitle('Widgets Produced');
$graph->setGradient('red', 'maroon');
$graph->createGraph();";
and the problem is that is not insert:
$graph
$data
$graph->setTitle
etc
Thanks
Roberto
|
|
|
|
datadoit
|
| Posted: 11/24/2011, 8:29 AM |
|
If you want to actually insert that dollar symbol, you must first escape
it so that it's not parsed as a variable. Similar to escaping a quote,
newline character, etc.
$SQL = "INSERT into table (nID, Code) values (1, " . CCToSQL("\$pippo",
ccsText) . ")";
Also note the usage of the CCToSQL() function. Always use it, as it
will protect you from SQL injections.
|
|
|
|
imroza
Posts: 21
|
| Posted: 11/27/2011, 2:02 PM |
|
Thank you fo reply datadoit
|
|
|
|
|
